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ABSTRACT 

After  working  many  years  on  the  computer  security,  I have  seen  most  of  the  systems  in  service  extremely 
vulnerable  to  attach.  Actually  installing  security  on  the  system  is  very  expensive,  that’s  why  peoples  are  far  away  from  this 
according  to  my  experience.  Since  there’s  been  small  damage,  people  decide  that  they  don’t  want  much  security.  Security 
is  playing  crucial  role  in  their  life,  but  it  is  very  difficult  to  have  security  on  all  the  systems.  Nowadays  peoples  are  thinking 
towards  security,  because  without  security,  very  difficult  to  make  daily  transactions. 
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INTRODUCTION 

Peoples  have  been  working  on  Computer  Security  for  at  least  30  years.  During  this  time  span,  we  have  much 
success  on  the  field  of  Computer  Security.  During  these  year’s  computer  security  reached  at  high  level,  but  we  have  some 
issues  and  attacks  besides  on  security.  If  we  considered  online  transaction  security  has  many  issues.  Nowadays  security 
becomes  important  aspect  in  the  human  life  without  security  it’s  very  difficult  to  survive  in  this  world. 

What  is  Security? 

Life  would  be  great  if  we  could  all  exchange  information  freely  and  never  worry  about  any  malicious  intent, 
stealing  of  our  information.  However,  we  do  not  live  in  a perfect  world,  so  we  should  focus  about  the  safety  and  security  of 
any  data  or  information  flowing  across  any  network. 

Day  by  day  we  are  dependent  on  the  Internet  to  manage  our  bank  accounts,  our  medical  records,  and  our  credit 
card  payments;  we  need  to  protect  this  valuable  information.  This  means  we  must  turn  to  network  security. 

What  is  the  reality  of  security  in  human  life? 

The  field  of  network  security  was  form  with  the  purpose  of  designing  security  methods  to  protect  our  most 
valuable  assets  from  the  cyber  criminals. 

If  human  in  their  real  life  entrust  to  network  security,  then  we  have  three  solutions;  consisting  of  hardware, 
software  and  physical  security  methods  used  to  combat  any  security  threat.  In  all  the  devices  such  as  routers,  IDS's  and 
firewalls  are  hardware  devices  used  within  a network  to  add  security  to  its  all  users. 

Anti-virus  software  and  Virtual  private  network  (VPN's)  are  some  of  the  software  tools  used  to  add  additional 
protection  for  any  network. 

The  most  secure  networks  in  the  real  world  will  have  combined  with  hardware,  software  and  physical  security 
methods  together;  finally  these  methods  will  provide  any  kind  of  protection  protection  to  all  users  of  any  network. 

Computer  security,  also  known  as  cyber  security  or  IT  security,  is  the  protection  of  information  systems  from 
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theft  or  damage  to  the  hardware,  the  software,  and  to  the  information  on  them. 

How  people  can  live  with  such  poor  security  in  this  real  world  system?  The  reason  behind  the  real  world  security 
is  not  about  to  perfect  gateways  against  determined  attackers.  Instead,  it’s 

• value, 

• locks,  and 

• Punishment. 

What  is  wrong  with  perfect  securities?  Because,  security  cost  is  too  much.  It’s  very  difficult  to  have  secure  sys- 
tems in  the  human  life.  For  security,  there  is  a proper  way  to  protect  personal  belongings  against  direct  attackers,  keep 
them  in  a safe  deposit  box.  After  many  years  of  experience,  banks  have  learned  how  to  use  time  locks,  alarms,  and  multiple 
keys  to  make  these  boxes  quite  secure.  Finally  as  a result,  people  use  them  only  for  things  that  are  seldom  needed  and 
either  expensive  or  hard  to  replace. 

Examples  of  Network  Security 
Firewalls 

The  basic  and  easily  implemented  method  of  network  security  is  the  firewall.  A firewall  can  be  software  based, 
provided  by  windows,  or  hardware  based,  such  as  a router.  The  main  idea  behind  a firewall  is  to  allow  authorized  access  to 
a computer  while  blocking  unauthorized  access.  This  is  accomplished  by  configuring  access  conditions  depends  on  user 
defined  rules,  IP  addresses,  and  port  accessibility. 

VPN's:  Virtual  Private  Networks 

VPN's  are  used  to  establish  an  encrypted  connection  across  a network  while  using  the  Internet  as  its  transmission 
medium.  A VPN  uses  the  Internet,  which  is  already  in  place.  The  benefit  of  VPN  is  that  a secure  data  connection  is 
established.  VPN  connection  software  encrypts  the  data  being  sent  between  one  place  and  another.  This  is  known  as 
tunneling. 

IDS:  Intrusion  Detection  System 

Intrusion  Detection  Systems  consist  of  a combination  of  both  hardware  and  software  and  work  in  conjunction 
with  an  existing  firewall.  IDS  units  are  used  to  detect  an  intrusion  threat  to  a computer  system.  IDS  configurations  use  data 
analysis  algorithms  to  compare  data  packet  construction  and  frequency  to  established  packet  content  definitions.  If  the 
packet  construction  observed  does  not  match  the  packet  construction  expected,  when  compared  to  previously  configured 
definitions,  an  alert  is  signified.  Depending  on  the  configuration  of  the  IDS,  the  observed  traffic  is  either  blocked  or  let 
through  to  be  marked  for  observation  at  a later  date. 

OVERVIEW  OF  COMPUTER  SECURITY 

Computer  security  based  on  confidentiality,  integrity,  and  availability.  The  clarification  of  these  three  aspects 
varies,  as  they  arise.  The  clarification  of  quality  in  a given  environment  is  directed  by  the  needs  of  the  individuals, 
customs,  and  laws  of  the  particular  organization. 
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Confidentiality 

Confidentiality  is  the  secretion  of  information  or  resources.  The  need  for  having  information  secret  arises  from  the 
use  of  computers  in  delicate  fields  such  as  government  and  industry.  For  example,  military  and  public  institutions  in  the 
government  restrict  access  to  information  to  those  peoples  are  in  need  of  that  information.  For  example,  all  types  of 
institutions  keep  personnel  records  secret. 

Integrity 

Integrity  refers  to  the  determination  of  data  or  resources.  It  is  used  in  terms  of  preventing  improper  or 
unauthorized  change.  Integrity  includes  data  integrity  (the  content  of  the  information)  and  origin  integrity  (the  source  of  the 
data,  often  called  authentication). 

Availability 

Availability  is  the  ability  to  use  the  information  or  resource  needed.  Availability  is  an  important  aspect  of 
reliability  as  well  as  of  system  design  because  an  unavailable  system  is  at  least  as  bad  as  no  system  at  all. 

Security  Threats  and  Attacks 

• A threat  is  a potential  violation  of  security. 

• An  attack  is  any  action  that  violates  security. 

• An  attack  has  an  implicit  concept  of  “intent” 

Security  Policy  and  Mechanism 

• Policy:  a statement  of  what  is,  and  is  not  allowed. 

• Mechanism:  a procedure,  tool,  or  method  of  enforcing  a policy. 

• Security  mechanisms  implement  functions  that  help  prevent,  detect,  and  respond  to  recovery  from  security 
attacks. 

• Security  functions  are  typically  made  available  to  users  as  a set  of  security  services  through  APIs  or  integrated 
interfaces. 

• Cryptography  underlies  many  security  mechanisms. 

Implementing  Security 

The  implementation  of  security  has  two  parts:  the  code  and  the  setup/configuration.  The  code  is  the  programson 
which  security  depends.  The  setup  is  whole  data  that  controls  the  operations  of  these  programs:  folder  structure,  access 
control  lists,  group  memberships,  user  passwords  or  encryption  keys,  etc. 

The  job  of  a security  implementation  is  to  defend  against  vulnerabilities.  These  take  three  main  forms: 

• Authenticating 

• Authorizing 
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• Auditing 

Every  government  entity  or  private  enterprise  business  generally  has  a security  plan  in  place  which  utilizes 
numerous  types  of  controls  to  reduce  or  attempt  to  eliminate  the  adverse  effects  coming  from  security  risks  to  their 
operations.  For  the  most  part  there  are  three  basic  types  of  controls  in  use: 

• Technology  - software  and  hardware  used  to  address  internal  and  external  threats  to  the  security  of  the 
organization. 

• Process  - policies,  processes,  and  practices  to  address  vulnerabilities  and  to  reduce  security  risks  while 
establishing  baseline  standards  of  secure  operations. 

• Ignore  the  vulnerability  and  threat 

NETWORK  SECURITY  MODEL 

The  network  security  model  is  based  on  Open  system  Interconnection  model  (OSI),  developed  in  1983  by  the 
International  Organization  for  Standardization  (ISO).  Same  like  OSI  model.  Network  security  model  is  a seven  layer  model 
that  divides  the  daunting  task  of  securing  a network  infrastructure  into  seven  manageable  sections.  This  model  is  generic 
and  can  be  applied  on  all  security  implementation  and  devices.  When  an  attack  on  a network  has  succeeded  it  is  much 
easier  to  locate  the  specific  issue  and  fix  it  with  the  use  of  Network  Security  Model.  The  Network  Security  Model  is 
divided  into  seven  layers  are  as  follows. 

• Physical 

• VLAN  (Virtual  Local  Area  Network) 

• ACL  (Access  Control  Lists) 

• Software 

• User 

• Administrative 

• IT  Department 
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Figure  1:  Model  of  Network  Security 


Why  do  we  Need  a Network  Security  Model? 

The  NSM  will  give  the  security  community  a way  to  study,  implement,  and  maintain  the  network  security  that  can 
be  applied  to  any  network.  In  addition  we  can  say  that,  it  can  be  use  as  a security  tool.  NSM  provides  the  basic  structure.  It 
provides  the  new  professionals  with  the  knowledge  to  discover  what  has  been  implemented  and  what  has  not  been 
implemented  from  a security  stand  point. 

The  Security  Life  Cycle 

If  the  network  security  model  has  been  implemented:  a network  security  professional  can  begin  a network  security 
life  cycle.  The  life  cycle  should  contain  checks  and  balances  to  make  sure  that  all  the  layers  are  in  secure  state.  The  life 
cycle  should  begin  with  the  technical  standpoint.  This  means  that  the  network  security  professional  should  focus  at  the 
current  network  security  model  to  find  any  problem  occurs  or  needful  improvement  to  be  done.  The  network  security 
model  should  be  tested  periodically  by  a penetration  test  in  order  to  find  any  exploits. 

• Threats 

• Policy 

• Specification 

• Design 

• Implementation 

• Operation  and  maintenance 
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CONCLUSIONS 

After  having  the  overview  of  security,  I have  concluded  the  basic  ideas  of  computer  security:  secrecy,  integrity, 
and  availability.  Implemented  by  access  control  based  on  the  standard  of  authentication,  authorization,  and  auditing.  We 
discussed  the  reasons  why  it  doesn’t  work  very  well  in  practice: 

• Complexity  in  the  code  and  especially  in  the  setup  of  security,  which  overwhelms  users  and  administrators. 

• The  Internet  works  only  because  we  implicitly  trust  one  another 

• It  is  very  easy  to  exploit  this  trust 

• The  same  holds  true  for  software 

Security  is  also  playing  a very  important  role  in  the  human  life  in  this  real  world.  As  they  are  doing  many  day  to 
day  online  transactions  like  e-commerce,  banking,  credit/debit  card  transactions,  and  many  more  transactions.  We  can  say 
that  the  human  life  is  surrounded  by  technology  and  they  are  totally  dependent  on  this.  For  these  daily  life  transactions  we 
need  a secure  environment  in  the  technologies  used  by  human.  The  questions  arises,  are  all  the  daily  life  transactions  are 
100  % secure.  The  answer  is  no,  all  the  systems  and  technologies  used  by  different  companies  and  organizations  are  not 
100  % secure.  They  are  providing  security  but  not  at  final  level.  That’s  why  we  have  number  of  cyber  crimes  and  attacks 
on  day  to  day  transactions.  But  another  truth  of  human  life  in  spite  of  less  security  their  life  is  based  on  technologies  or  we 
can  say  smart  world. 
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